Wireshark mailing list archives
Re: Highlight fields
From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Fri, 12 Feb 2016 09:22:39 -0500
I'm not sure this would require changes to the dissectors. I would /think/ that this could be done similar to how the Expert Info system highlights the (tree) path down to the item to which the expert info is attached. That is, it could be done in the proto_tree_add*() calls by, for example: 1. Checking if the field being added was part of the display filter 2. If so then highlighting the path back to the root of the tree (like the expert info calls do) I don't know, however, how you could visually distinguish expert info's from the "here is(are) your field(s)" highlights. On Wed, Feb 10, 2016 at 7:48 AM, Juan Jose Martin Carrascosa <juanjo () rti com
wrote:
Do you know which would be the approach? I am willing to implement it. Any idea is very much appreciated! Thanks, Juanjo On Wed, Feb 10, 2016 at 1:45 PM, Roland Knall <rknall () gmail com> wrote:Hi No, currently there is no direct way to do this. And any new way would require a change to the dissectors handling the messages regards On Wed, Feb 10, 2016 at 11:44 AM, Juan Jose Martin Carrascosa < juanjo () rti com> wrote:Hi all, Let's say I have several submessages in a packet (RTPS). When I filter, one of them matches so the whole RTPS (UDP datagram) matches and thus, it is shown in the display. However, if the amount of submessages is large (200?), it is quite tedious to find the matching submessage. Is there any way in Wireshark (GUI or changing source code) to solve my issue? Highlighting the field that makes something match a filter or something like that. Thanks! Juanjo Martin ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe-- Juanjo Martin Applications Engineer Professional Services Group Office: +34 958 27 88 62 Mobile: +34 622 73 29 03 juanjo () rti com www.rti.com ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Highlight fields Juan Jose Martin Carrascosa (Feb 10)
- Re: Highlight fields Roland Knall (Feb 10)
- Re: Highlight fields Juan Jose Martin Carrascosa (Feb 10)
- Re: Highlight fields Jeff Morriss (Feb 12)
- Re: Highlight fields Juan Jose Martin Carrascosa (Feb 12)
- Re: Highlight fields Jeff Morriss (Feb 12)
- Re: Highlight fields Jeff Morriss (Feb 23)
- Re: Highlight fields Stig Bjørlykke (Feb 23)
- Re: Highlight fields Juan Jose Martin Carrascosa (Feb 23)
- Re: Highlight fields Juan Jose Martin Carrascosa (Feb 10)
- Re: Highlight fields Roland Knall (Feb 10)